Knot Agent Eval

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Knot RAG evaluation skill that uses user-provided credentials and writes expected evaluation artifacts, but users should treat those outputs as sensitive.

Install and use this only if you are authorized to evaluate the target Knot agent and knowledge base. Use environment-variable tokens, run it in a dedicated access-controlled working directory, keep generated JSON/cache/report files out of version control, and redact outputs before sharing them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Low
Confidence: 82%
Finding
The skill instructs the agent to generate and write multiple files such as eval_questions.json, eval_results.json, ai_review_results.json, and reports without an explicit user-facing warning at the point of modification. In an agent setting, silent file creation or overwrite can cause accidental data loss, workspace pollution, or unintended persistence of sensitive evaluation data.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding
The script persistently writes raw evaluation artifacts to disk, including model answers, source document metadata, conversation identifiers, chat URLs, and partial thinking traces, without minimization, masking, encryption, or an explicit consent/disclosure step. In this skill’s context, the data comes from enterprise knowledge-base evaluation flows, so the stored outputs may contain sensitive internal content and retrievable links that expand exposure if the files are copied, synced, or accessed by other users/processes.

VirusTotal

VirusTotal findings are pending for this skill version.